U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 165,210 matching records.
Displaying matches 163,021 through 163,040.
Vuln ID Summary CVSS Severity
CVE-2000-0791

Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-0792

Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0793

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0794

Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0795

Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0796

Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0797

Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0798

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0799

inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 3.7 LOW
CVE-2000-0800

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0801

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0802

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.

Published: October 20, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2000-1213

ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.

Published: October 18, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-1214

Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.

Published: October 18, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-1563

Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.

Published: October 14, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-1204

Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.

Published: October 13, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0816

Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.

Published: October 06, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2000-1207

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).

Published: September 30, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0354

mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.

Published: September 28, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0761

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.

Published: September 16, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH